<?php
	// Start or resume the PHP session; the form handler further down stores
	// 'signedGuestbook' and 'MID' in $_SESSION after a post is written.
	session_start();
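	/**
	 * Redirect the browser back to the guestbook page and end the request.
	 *
	 * Sends a Location header for ./guestbook.html, passes a status message to
	 * dm() (defined outside this file), then terminates the script so that no
	 * code following the call can run or append output to the redirect response.
	 *
	 * header() only takes effect while no output has been sent yet, so nothing
	 * may be echoed before this function is called.
	 */
	function gotoguestbook()
	{
		/*
		Cache-busting headers, currently disabled:
		header( "Expires: Mon, 20 Dec 1998 01:00:00 GMT" );
		header( "Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT" );
		header( "Cache-Control: no-cache, must-revalidate" );
		header( "Pragma: no-cache" );
		*/
		header( 'Location: ./guestbook.html' ) ;	// Redirect back to the guestbook.
		dm('Redirecting now...');
		exit;										// A redirect header alone does not stop the script.
	}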

	
	include './data/phpfunctions.php';					// Passwords and functions for connecting to database stored externally.
	include './data/lib_f_validate.php';				// Functions to validate form info.
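	dm('past headers');

	// Guestbook form handler: checks that every field was submitted, validates
	// the values, stores the entry and redirects back to the guestbook page.
	// dm(), error(), getdb(), validateText() and validateEMail() are defined
	// outside this file.
	// NOTE(review): no anti-CSRF token is checked before the write. The form is
	// not visible from here -- confirm, and add a per-session token to both sides.
	$msg = 'Error: ';
	$err = false;	// Set explicitly; it used to be read while undefined when the e-mail check passed.
	if (isset($_POST['submit']))
	{
		dm('isset($_POST[\'submit\']) was true<br>');

		// Every field must be a non-empty string. empty() keeps the original
		// truthiness test without raising a notice for a missing key, and the
		// is_string() check rejects array-valued parameters (e.g. "title[]=x").
		$allFilled = true;
		foreach (array('title', 'comment', 'author', 'hometown', 'email') as $field)
		{
			if (empty($_POST[$field]) || !is_string($_POST[$field]))
			{
				$allFilled = false;
				break;
			}
		}

		if ($allFilled)
		{
			dm('All fields filled');
			// Read the submitted values from $_POST. The bare $title/$comment/...
			// globals only exist with register_globals enabled, a setting that
			// also lets GET or cookie values take the place of the posted ones.
			$comment = validateText($_POST['comment']);
			$title = validateText($_POST['title']);
			$author = validateText($_POST['author']);
			$hometown = validateText($_POST['hometown']);
			$email = validateText($_POST['email']);
			dm('All fields validated');
			if (!validateEMail($email))
			{
				$msg = $msg . 'Invalid Email Address';
				$err = true;
				dm($msg);
			}
			else
			{
				dm('Email is proper');
			}
			dm('$err = ' . $err);
			if (!$err)
			{
				$db = getdb();
				$table = "anas_guestbook";					// Choose the table for this guestbook.

				// Let the server count the rows instead of fetching every post.
				// NOTE(review): using the row count as the new post id collides
				// after a delete or when two posts arrive together; an
				// AUTO_INCREMENT key would avoid that -- schema not visible here.
				$MID = false;
				$result = mysql_query("SELECT COUNT(*) FROM `" . $table . "`");
				if ($result)
				{
					$row = mysql_fetch_row($result);
					if ($row)
					{
						$MID = (int) $row[0];				//The number of posts in the guestbook.
					}
				}

				if ($MID === false)
				{
					error($msg . 'Could not read the guestbook');
					gotoguestbook();
				}
				else
				{
					dm('The number of posts: ' . $MID);
					$date = date('y-m-d');
					dm('inserting now...');

					// Escape every user-supplied value for the SQL string context.
					// Must run after getdb(), since the function needs an open link.
					// NOTE(review): if validateText() or magic_quotes_gpc already
					// add slashes, values will be stored double-escaped -- confirm
					// and strip that layer rather than this one.
					$sqlTitle = mysql_real_escape_string($title);
					$sqlComment = mysql_real_escape_string($comment);
					$sqlAuthor = mysql_real_escape_string($author);
					$sqlHometown = mysql_real_escape_string($hometown);
					$sqlEmail = mysql_real_escape_string($email);

					$query = "INSERT INTO `" . $table . "` VALUES (" . $MID . ",'" . $sqlTitle . "','" . $sqlComment . "','" . $sqlAuthor . "','" . $date . "', '" . $sqlHometown . "', '" . $sqlEmail . "')";
					// NOTE(review): this hands the full statement, including the
					// visitor's e-mail address, to dm(); make sure dm() is silent
					// outside of debugging.
					dm('Query: ' . $query);
					$result = mysql_query($query);
					dm('Result: ' . $result);

					if ($result)
					{
						// Mark the session as having signed only once the row is stored.
						$_SESSION['signedGuestbook'] = true;
						$_SESSION['MID'] = $MID;
					}
					else
					{
						error($msg . 'Could not save the post');
					}
					gotoguestbook();
				}
			} else {
				error($msg);
				gotoguestbook();
			}
		}
	}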

?>
